[MEDIUM] AVideo: CSRF on Player Skin Configuration via admin/playerUpdate.json.php

PKSA-6czf-bc7p-h4k6 CVE-2026-35181 GHSA-4q27-4rrq-fx95

Affected package: wwbn/avideo

Affected version: <=26.0

Reported by:
GitHub